Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1711	4.6	警告 Physics	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows 回復環境のセキュリティ機能バイパスの脆弱性	CWE-212 保存または転送前の重要な情報の不適切な削除	CVE-2026-20928	2026-04-27 11:28	2026-04-14	Show	GitHub Exploit DB Packet Storm

1712	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 10 1809 Microsoft Windows 10 22h2 Microsoft Wind…	Windows Management サービスの特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-20930	2026-04-27 11:28	2026-04-14	Show	GitHub Exploit DB Packet Storm

1713	6	警告 Local	オラクル	JDK JRE Oracle GraalVM	オラクルのOracle GraalVM等の複数製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-22003	2026-04-27 11:28	2026-04-21	Show	GitHub Exploit DB Packet Storm

1714	3.7	低 Network	Pivotal Software, Inc.	Spring Security	VMwareのSpring Securityにおけるタイミングの違いに起因する情報漏えいに関する脆弱性	CWE-208 タイミングの違いに起因する情報漏えい	CVE-2026-22746	2026-04-27 11:28	2026-04-22	Show	GitHub Exploit DB Packet Storm

1715	8.1	重要 Network	Pivotal Software, Inc.	Spring Security	VMwareのSpring Securityにおけるホストの不一致による証明書の検証に関する脆弱性	CWE-297 ホストの不一致による証明書の不適切な検証	CVE-2026-22747	2026-04-27 11:28	2026-04-22	Show	GitHub Exploit DB Packet Storm

1716	6.5	警告 Network	Pivotal Software, Inc.	Spring Security	VMwareのSpring Securityにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-22748	2026-04-27 11:28	2026-04-22	Show	GitHub Exploit DB Packet Storm

1717	7.5	重要 Network	Pivotal Software, Inc.	Spring Security	VMwareのSpring Securityにおける保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-22753	2026-04-27 11:28	2026-04-22	Show	GitHub Exploit DB Packet Storm

1718	7.5	重要 Network	Pivotal Software, Inc.	Spring Security	VMwareのSpring Securityにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-22754	2026-04-27 11:28	2026-04-22	Show	GitHub Exploit DB Packet Storm

1719	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-23344	2026-04-27 11:28	2026-03-25	Show	GitHub Exploit DB Packet Storm

1720	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-23345	2026-04-27 11:28	2026-03-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347381	-	vote_pro	vote_pro	SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.	CWE-89 SQL Injection	CVE-2005-4632	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347382	-	activecampaign	supporttrio	SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information …	NVD-CWE-Other	CVE-2005-4634	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347383	-	class-1	poll_software	SQL injection vulnerability in index.php in class-1 Poll Software 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) pollid or (2) previouspoll parameters.	NVD-CWE-Other	CVE-2005-4640	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347384	-	eazycms	eazycms	SQL injection vulnerability in home.php in eazyCMS 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.	NVD-CWE-Other	CVE-2005-4641	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347385	-	alstrasoft	epay	SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the pmodule parameter.	NVD-CWE-Other	CVE-2005-4651	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347386	-	sysbotz	systems_panel	Multiple SQL injection vulnerabilities in Sysbotz Systems Panel 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the cid parameter in knowledgebase/index.php, (2) th…	NVD-CWE-Other	CVE-2005-4719	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347387	-	nelogic_technologies	nephp_publisher	Multiple SQL injection vulnerabilities in index.php in NeLogic Nephp Publisher 4.5.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) nnet_catid parameters.	NVD-CWE-Other	CVE-2005-4743	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347388	-	sergids	top_music_module	Multiple SQL injection vulnerabilities in SergiDs Top Music module 3.0 PR3 and earlier for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the (1) idartist, (2) idsong, and (3) …	NVD-CWE-Other	CVE-2005-4781	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347389	-	locazo	locazolist_classifieds	Cross-site scripting (XSS) vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter.	NVD-CWE-Other	CVE-2005-4205	2008-09-20 13:42	2005-12-13	Show	GitHub Exploit DB Packet Storm

347390	-	php_web_scripts	link_up_gold	SQL injection vulnerability in poll.php in Link Up Gold 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the number parameter.	NVD-CWE-Other	CVE-2005-4230	2008-09-20 13:42	2005-12-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed